"The Intercept has obtained a secret, internal U.S. government catalogue of dozens of cellphone surveillance devices used by the military and by intelligence agencies. The document, thick with previously undisclosed information, also offers rare insight into the spying capabilities of federal law enforcement and local police inside the United States.

The catalogue includes details on the Stingray, a well-known brand of surveillance gear, as well as Boeing “dirt boxes” and dozens of more obscure devices that can be mounted on vehicles, drones, and piloted aircraft. Some are designed to be used at static locations, while others can be discreetly carried by an individual. They have names like Cyberhawk, Yellowstone, Blackfin, Maximus, Cyclone, and Spartacus. Within the catalogue, the NSA is listed as the vendor of one device, while another was developed for use by the CIA, and another was developed for a special forces requirement. Nearly a third of the entries focus on equipment that seems to have never been described in public before."

Slides of the catalogue available here, while a stylised version is available here.

We are free if we opt out of an endless regime of upgrades. Make the choice today to opt-out. I am not saying don't use and don't exploit the brilliance of mobile telephony, wi-fi, iphones and ipads and the Internet... I am talking about keeping oneself in check. Our feet are on the ground but sometimes we act as if we live in the Clouds. #getreal

“From the privacy perspective, we are of course pleased to see Google drop this product,” Marc Rotenberg, president of the Electronic Privacy Information Center, wrote in an email. “And it is a very big deal when Google backs down, particularly after its big push.”

He continued: “But it is also speaks to a larger issue in tech design about privacy. Eyeglass-mounted web display and phone for those who wanted it? Not really a problem. Surveillance and recording of those around the user? Yeah, that’s a problem.”

German researchers have discovered security flaws that could let hackers, spies and criminals listen to private phone calls and intercept text messages on a potentially massive scale – even when cellular networks are using the most advanced encryption now available.

The flaws, to be reported at a hacker conference in Hamburg this month, are the latest evidence of widespread insecurity on SS7, the global network that allows the world’s cellular carriers to route calls, texts and other services to each other. Experts say it’s increasingly clear that SS7, first designed in the 1980s, is riddled with serious vulnerabilities that undermine the privacy of the world’s billions of cellular customers.

The flaws discovered by the German researchers are actually functions built into SS7 for other purposes – such as keeping calls connected as users speed down highways, switching from cell tower to cell tower – that hackers can repurpose for surveillance because of the lax security on the network.

Those skilled at the myriad functions built into SS7 can locate callers anywhere in the world, listen to calls as they happen or record hundreds of encrypted calls and texts at a time for later decryption. There also is potential to defraud users and cellular carriers by using SS7 functions, the researchers say.

These vulnerabilities continue to exist even as cellular carriers invest billions of dollars to upgrade to advanced 3G technology aimed, in part, at securing communications against unauthorized eavesdropping. But even as individual carriers harden their systems, they still must communicate with each other over SS7, leaving them open to any of thousands of companies worldwide with access to the network. That means that a single carrier in Congo or Kazakhstan, for example, could be used to hack into cellular networks in the United States, Europe or anywhere else.

“It’s like you secure the front door of the house, but the back door is wide open,” said Tobias Engel, one of the German researchers.

Engel, founder of Sternraute, and Karsten Nohl, chief scientist for Security Research Labs, separately discovered these security weaknesses as they studied SS7 networks in recent months, after The Washington Post reported the widespread marketing of surveillance systems that use SS7 networks to locate callers anywhere in the world. The Post reported that dozens of nations had bought such systems to track surveillance targets and that skilled hackers or criminals could do the same using functions built into SS7. (The term is short for Signaling System 7 and replaced previous networks called SS6, SS5, etc.)

The researchers did not find evidence that their latest discoveries, which allow for the interception of calls and texts, have been marketed to governments on a widespread basis. But vulnerabilities publicly reported by security researchers often turn out to be tools long used by secretive intelligence services, such as the National Security Agency or Britain’s GCHQ, but not revealed to the public.

“Many of the big intelligence agencies probably have teams that do nothing but SS7 research and exploitation,” said Christopher Soghoian, principal technologist for the ACLU and an expert on surveillance technology. “They’ve likely sat on these things and quietly exploited them.”

The GSMA, a global cellular industry group based in London, did not respond to queries seeking comment about the vulnerabilities that Nohl and Engel have found. For the Post’s article in August on location tracking systems that use SS7, GSMA officials acknowledged problems with the network and said it was due to be replaced over the next decade because of a growing list of security and technical issues.

The German researchers found two distinct ways to eavesdrop on calls using SS7 technology. In the first, commands sent over SS7 could be used to hijack a cell phone’s “forwarding” function — a service offered by many carriers. Hackers would redirect calls to themselves, for listening or recording, and then onward to the intended recipient of a call. Once that system was in place, the hackers could eavesdrop on all incoming and outgoing calls indefinitely, from anywhere in the world.

The second technique requires physical proximity but could be deployed on a much wider scale. Hackers would use radio antennas to collect all the calls and texts passing through the airwaves in an area. For calls or texts transmitted using strong encryption, such as is commonly used for advanced 3G connections, hackers could request through SS7 that each caller’s carrier release a temporary encryption key to unlock the communication after it has been recorded.

Nohl on Wednesday demonstrated the ability to collect and decrypt a text message using the phone of a German senator, who cooperated in the experiment. But Nohl said the process could be automated to allow massive decryption of calls and texts collected across an entire city or a large section of a country, using multiple antennas.

“It’s all automated, at the push of a button,” Nohl said. “It would strike me as a perfect spying capability, to record and decrypt pretty much any network… Any network we have tested, it works.”

Those tests have included more than 20 networks worldwide, including T-Mobile in the United States. The other major U.S. carriers have not been tested, though Nohl and Engel said it’s likely at least some of them have similar vulnerabilities. (Several smartphone-based text messaging systems, such as Apple’s iMessage and Whatsapp, use end-to-end encryption methods that sidestep traditional cellular text systems and likely would defeat the technique described by Nohl and Engel.)

In a statement, T-Mobile said: “T-Mobile remains vigilant in our work with other mobile operators, vendors and standards bodies to promote measures that can detect and prevent these attacks.”

The issue of cell phone interception is particularly sensitive in Germany because of news reports last year, based on documents provided by former NSA contractor Edward Snowden, that a phone belonging to Chancellor Angela Merkel was the subject of NSA surveillance. The techniques of that surveillance have not become public, though Nohl said that the SS7 hacking method that he and Engel discovered is one of several possibilities.

U.S. embassies and consulates in dozens of foreign cities, including Berlin, are outfitted with antennas for collecting cellular signals, according to reports by German magazine Der Spiegel, based on documents released by Snowden. Many cell phone conversations worldwide happen with either no encryption or weak encryption.

The move to 3G networks offers far better encryption and the prospect of private communications, but the hacking techniques revealed by Nohl and Engel undermine that possibility. Carriers can potentially guard their networks against efforts by hackers to collect encryption keys, but it’s unclear how many have done so. One network that operates in Germany, Vodafone, recently began blocking such requests after Nohl reported the problem to the company two weeks ago.

Nohl and Engel also have discovered new ways to track the locations of cell phone users through SS7. The Post story, in August, reported that several companies were offering governments worldwide the ability to find virtually any cell phone user, virtually anywhere in the world, by learning the location of their cell phones through an SS7 function called an “Any Time Interrogation” query.

Some carriers block such requests, and several began doing so after the Post’s report. But the researchers in recent months have found several other techniques that hackers could use to find the locations of callers by using different SS7 queries. All networks must track their customers in order to route calls to the nearest cellular towers, but they are not required to share that information with other networks or foreign governments.

Carriers everywhere must turn over location information and allow eavesdropping of calls when ordered to by government officials in whatever country they are operating in. But the techniques discovered by Nohl and Engel offer the possibility of much broader collection of caller locations and conversations, by anyone with access to SS7 and the required technical skills to send the appropriate queries.

“I doubt we are the first ones in the world who realize how open the SS7 network is,” Engel said.

Secretly eavesdropping on calls and texts would violate laws in many countries, including the United States, except when done with explicit court or other government authorization. Such restrictions likely do little to deter criminals or foreign spies, say surveillance experts, who say that embassies based in Washington likely collect cellular signals.

The researchers also found that it was possible to use SS7 to learn the phone numbers of people whose cellular signals are collected using surveillance devices. The calls transmit a temporary identification number which, by sending SS7 queries, can lead to the discovery of the phone number. That allows location tracking within a certain area, such as near government buildings.

The German senator who cooperated in Nohl’s demonstration of the technology, Thomas Jarzombek of Merkel’s Christian Democratic Union party, said that while many in that nation have been deeply angered by revelations about NSA spying, few are surprised that such intrusions are possible.

“After all the NSA and Snowden things we’ve heard, I guess nobody believes it’s possible to have a truly private conversation on a mobile phone,” he said. “When I really need a confidential conversation, I use a fixed-line” phone.

"A man walks through Wal-Mart, holding something to his ear as he passes a gun case.

He leans toward a shelf and steps back into view, now holding a long, dark object — a gun? — as he walks past customers, who show no obvious reaction.

Eight minutes later, surveillance video from a different angle shows him farther away.

Suddenly he drops the object and crumples to the floor. Two more people come into view, walking toward him with firearms drawn.

Was it a justified fatal shooting by police or an unreasonable use of force? Does the soundless video offer enough information to answer that question?

In the Wal-Mart case and others, cameras meant to help catch bad guys or document police actions are drawing attention for capturing officers using force.

The public circulation of those images increases transparency, but it also adds the risk of viewers rushing to judgment based on only part of the story.

"You might see a video and think that because you're seeing an actual sort of account of what happened, you know the whole story.

And it's very rare that a video is actually going to be able to tell the whole story," said Ric Simmons, an Ohio State University professor of criminal law.

At that Wal-Mart in Beavercreek, outside Dayton, 22-year-old John Crawford III was talking on a cellphone and picked up an air rifle on August 5.

A 911 caller reported seeing someone waving a gun and pointing it at people. Police said Crawford was shot when he didn't respond to officers' orders to drop the weapon, something the video can't prove because there's no audio.

Crawford's relatives and their attorneys say he was "shot on sight" with no chance to respond and that the video proves the shooting was unreasonable.

A grand jury concluded it was justified. A federal investigation is pending.

Sometimes a video instantly offers incriminating evidence. In South Carolina this month, a state trooper was fired and charged with assault after his dashboard video, with audio, showed an unarmed driver being shot in the hip."

My observation? How long before this technology becomes mainstream? And then even the body-modders might be asking themselves that the 'group' they identify with is no longer unique... implantables, like tattoos, like piercing are about being 'different' but also the 'same'... But when everybody has one, even the boring old banks, will the body-modders really want one? "Yes" if it means customisation, and "no" if they think it means conformity to the masses.

"I shoot with my cellphone because it is like a periscope, allowing me to stare without being noticed. I look like everyone else who is texting, Web surfing or checking messages.

I also use my cellphone because it feels right to employ a ubiquitous 21st-century tool to record 21st-century city dwellers. Almost all of us have one, and for all I know, someone is recording me right now, as I write these words on my laptop at a small outdoor cafe (under the gaze of a surveillance camera)."

When Matthew Whisker picks his children up from their north shore childcare centre he doesn’t automatically have to ask how their day went – he already knows.

The Neutral Bay father has an app which alerts him to the daily activities and achievements of his children Harry, 11 months, and Lulu, five, almost immediately via his smart phone.

The app is being trialled in three Sydney centres operated by Only About Children, with plans to roll it out more widely later this year. Victoria’s Woodland Education has developed a similar app which also alerts parents to the real-time minutiae and milestones of their children’s lives, including what they had for lunch and if they soiled their nappies.

But experts have questioned whether young children need to have their lives documented in such detail and how it might affect normal interactions between parents, kids and carers.

Only About Children’s chief operations officer, Kathryn Hutchins, said the group, which has 31 centres in NSW, Victoria and Queensland, developed the app in response to parental demand.

‘‘We want to capture the moments working parents may want to see but don’t have the opportunity to because they are at work,’’ she said. ‘‘For example, if your child is just learning to walk, there will be a photo that shows that activity.’’

Educators carry a small handset tablet, photographing the children and writing short descriptions of what they are doing before uploading the content. The parent then gets a push notification, alerting them to the status update.

"Blackphone, the first consumer-grade handset explicitly marketed as a privacy guardian, has begun shipping.

Revealed at the start of this year, Blackphone runs a fork of Android called PrivatOS and comes bundled with a variety of security-centric tools and subscriptions, including Silent Phone and Silent Text (for normal voice, video and text communications), Disconnect (VPN and search), SpiderOak (cloud storage) and the Smarter Wi-Fi Manager (for protection from dodgy hotspots)."

The tech group has decided not to sell it at this stage, instead releasing instructions on how people can build it themselves.

If you want to cut down on costs, you can even make one with an old pizza box. But if you’re not keen on getting your hands greasy, you can always order one for around $30 online from one of the many companies offering to build it for you.

A number of the contraptions are also being sold on eBay by attendees of Google’s I/O developers’ conference, where the company handed out thousands of them for free.

Besides cardboard, you need lenses (to focus on your phone’s screen as it’s otherwise blurry when close to your eyes), magnets, Velcro, a rubber band, and an optional near-field communications (NFC) tag. A piece of elastic and some staples might also be worth investing in to make it stay on your head hands-free.

So what does it do?

Like any other VR headset on the market, it brings the user into a 3D space.

Unlike other headsets, it does not require a desktop or laptop computer to be connected to it. Instead, all you need is an Android smartphone running an app called Cardboard that splits the screen into two images (one for each eye) to create the illusion of looking at a 3D environment once it is placed into the cardboard device.

It is a jaw-dropping experience, as demonstrated by a Google video of developers’ reactions to using it at Google’s I/O conference.

Having used Oculus Rift, I found Cardboard an almost identical experience. I’d go as far as saying the experience is actually as good, if not better. I also didn’t feel sick when using it, but this might have been because the apps created for Cardboard thus far don’t cause motion sickness. Others created by third parties might have this result, also known as the “simulator effect”. 

Mexico has a pretty serious kidnapping problem-so serious that there is now a market for a $4,000...Read more

The main problem is that the technology, for a number of reasons, couldn't have worked in the first place. For one, the implants are much too small for a satellite to pick up. And that's without taking into account the barriers the implant's signal would have to overcome—that is, metal, concrete, and the water of the human body. For another, the implants can't be trusted to broadcast a signal without losing its teeny tiny charge.

And even if the police did manage to pick up the signal, there'd be no time to mount a raid to save you. All told, you're probably only about 1% less screwed.

That hasn't stopped RFID manufacturers from raking in the money in the last two years. Xega's still very much at it, even after admitting the technology is "bad for the country." UPIwrites:

Xega charges people seeking the implant $2,000 up front, with annual fees of $2,000. For their money, implant customers get a radio frequency identification chip implanted into the fatty tissue of the arm.